therealdreg

Dreg's repositories

DbgChild

Debug Child Process Tool (auto attach)

Language:CNOASSERTION297 20 7

shellex

C-shellcode to hex converter, handy tool for paste & execute shellcodes in IDA PRO, gdb, windbg, radare2, ollydbg, x64dbg, immunity debugger & 010 editor

Language:CMIT115 30

enyelkm

LKM rootkit for Linux x86 with the 2.6 kernel. It inserts salts inside system_call and sysenter_entry.

Language:CMIT86 40

x86osdev

x86 OS development using Bochs emulator. MIT xv6, JamesM's kernel development tutorials (with some changes) & more

Language:C++82 40

cgaty

Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)

Language:CMIT70 80

ida_vmware_windows_gdb

Helper script for Windows kernel debugging with IDA Pro on VMware + GDB stub (including PDB symbols)

Language:PythonGPL-3.063 9 1

lsrootkit

Rootkit Detector for UNIX

Language:CMIT61 100

phook

Full DLL Hooking, phrack 65

Language:CMIT53 80

xshellex

With xshellex you can paste any kind of c-shellcode strings in x64dbg, ollydbg & immunity debugger

Language:CMIT39 30

linux_kernel_debug_disassemble_ida_vmware

Helper script for Linux kernel disassemble or debugging with IDA Pro on VMware + GDB stub (including some symbols helpers)

Language:PythonMIT36 50

evilmass_at90usbkey2

evil mass storage *AT90USBKEY2 (poc-malware-tool for offline system)

Language:CMIT31 20

nasm_linux_x86_64_pure_sharedlib

NASM Linux x86_64 pure (no deps) shared library (.so), POC for Reflective ELF SO injection

Language:ShellMIT29 40

auxlib

Full reversing of the Microsoft Auxiliary Windows API Library and ported to C

Language:CMIT24 40

PatchPae2_PatchPae3

PatchPae2 by wj32 and PatchPae3 by evgeny

Language:C22 4 1

emuhookdetector

hook detector using emulation and comparing static with dynamic outputs

Language:CMIT17 3 1

ptrace_misconfiguration_local_privilege_escalation

ptrace misconfiguration Local Privilege Escalation

Language:CMIT11 30

nasm_vscode

nasm visual studio code

Language:ShellMIT10 20

drx_ptrace_shellcode_injector

drx ptrace shellcode injector

Language:CMIT7 40

lufa-sdcard-mass-storagekeyboard-fatfs-AT90USBKEY2

Language:C7 30

python_reverse_shell_detached_background

python reverse shell detached background

MIT7 50

call_trick_r2pipe

radare2 script to fix disasm with call tricks for strings

MIT6 40

I created r2-syscall-printer (radare r2pipe script) because I need now Linux-kernel interface call convention support (x86 & x86_64): %rdi, %rsi, %rdx, %r10, %r8, %r9. Also you can use this tool as standalone-app to print syscall table info

Language:PythonMIT6 40

ringstepper

windbg plugin easy-step from user code to kernel code

Language:CMIT6 30

bochs-bed

Bochs Enhaced Debugger (bochs-bed). A modern console debug experience.

Language:C++MIT5 40

getproclib

Library for Windows Run-Time Dynamic Linking.

Language:CMIT400

AT90USBKEY2

Original sources and programs for AT90USBKEY2 + own code & patches

Language:HTMLMIT3 30

gdis

GDB plugin to debug instructions mixed with data (GDB-GEF support included)

Language:PythonMIT2 20

dreg-r2panels

my radare2 r2panels

MIT1 30